Virus

NAV has detected that a file in the Windowssystem folder is infected with a trojan horse. The file is wininetd.exe. Symantec advise me to delete this file and replace it if necessary. Is it necessary and, if so, how do I replace it?

Re: Virus

I could find nothing for wininetd.exe. Are you sure it isn't wininet.exe? That is a worm & you can find information on it here & here

And yes, you can delete that file, but if NAV detected it, it should have an option to delete it. There are also registry keys that were affected as discussed in the second article above. If you search Google for wininet.exe, there are more articles.
Hope this helps,

Re: Virus

Yes, it is definitely wininetd.exe. I have searched Google and no results were returned. I do have a file called wininet.dll in my WindowsSystem folder and one called wininetd.lgc in my WindowsApplog folder. Is this info of any use?

Re: Virus

You should NOT have a file called wininet.exe. This file is put there by the worm. I don't know what to tell you about wininetd.dll because I can't find it listed. Perhaps it was wininet.exe & got renamed somehow. Nevertheless, if you run NAV, you should have the option of removing it. Follow the instructions that you got from NAV.

Having a *lgc file merely means that the .exe has run. Windows uses the AppLog to keep track of how many times you use each application so that when you defrag, it puts the most used apps where they can be accessed more quickly.

Re: Virus

I htink there is some confusion. I do not have a file called wininet.exe, it is wininetd.exe. I do not have one called wininetd.dll, it is wininet.dll (see my previous response). Can I safely delete the .lgc file?

Re: Virus

I'm sorry. I actually meant wininet.dll in my previous post. In any event, I believe that the original to links that I provided indicate that it's put there by a worm. Therefore, the dll should be safe to delete, BUT it seems to me that NAV should do that for you. If you run a scan, it should identify it. Yes, you can delete the wininet.lgc file. You can also open the AppLog & remove the corresponding entry. Again, I'm not sure why the exe file is wininetd.exe. I'd use the antivirus software to remove the worm or go to the Symantec site for more details.